echidna
slither
Our great sponsors
echidna | slither | |
---|---|---|
33 | 36 | |
2,556 | 4,992 | |
2.2% | 2.1% | |
8.5 | 9.5 | |
5 days ago | 6 days ago | |
Solidity | Python | |
GNU Affero General Public License v3.0 | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
echidna
- Echidna 2.2.0 released with improvements in fuzzing performance and UX
-
Fuzzing Around: Better Smart Contract Testing through the Power of Random Inputs
Fuzzing has been around for a while in traditional full-stack development, but a new class of tools is here that can apply fuzzing to smart contract testing in web3. Some of the fuzzing tools include the open source Echidna and MythX.
-
Smart Contract Audits with ConsenSys Diligence Fuzzing - Fuzzing as a Service
Fuzzing has been around for a while. Defensics and Burp Suite are some examples in the traditional development world. There are also several web3/blockchain fuzzing tools available, such as Echidna and Foundry. However, Diligence Fuzzing is fuzzing as a service and makes everything a little simpler to implement. Which in the end means better audits and more secure contracts. So let’s look into it in more detail.
- Echidna 2.1.1 released with fixes and reduced memory footprint!
slither
-
Hidden Risks Lurking in Ethereum's Smart Contract Proxies
Yes exactly! However, >99% of the time this wouldn't happen unintentionally, and typically static analysis frameworks will detect function clashing like slither: https://github.com/crytic/slither.
- Slither 0.9.3 is out - improvements to the detectors, solidity support and more
-
Are there cases where installing a command line tool via pipx won't work, but installing via pip will?
I don't know these tools but took a look at the slither-analyze deps, and see that solc-select is not a hard dependency, but part of the extra dep group called dev. So with a normal pipx install slither-analyze, solc-select is probably absent from the relevant venv.
-
WTS: certiK audit credit ?
Congrats, you just wasted money for an audit you could have done for free with https://github.com/crytic/slither.
-
Crypto devs, what tools am I missing? Trying to build a decent list of dev resources.
Vulnerability Infrastructure: Slither
-
Solidity documentation using AI
What are the differences of your solution to `slither documentation`?
- Slither 0.9.2: finds bugs and auto-creates docs with GPT
What are some alternatives?
manticore - Symbolic execution tool
solc-select - Manage and switch between Solidity compiler versions
openzeppelin-solidity - OpenZeppelin Contracts is a library for secure smart contract development. [Moved to: https://github.com/OpenZeppelin/openzeppelin-contracts]
openzeppelin-contracts - OpenZeppelin Contracts is a library for secure smart contract development.
mythril - Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.
remix-ide - Documentation for Remix IDE
eth-security-toolbox - A Docker container preconfigured with all of the Trail of Bits Ethereum security tools.
publications - Publications from Trail of Bits
ganache - :warning: The Truffle Suite is being sunset. For information on ongoing support, migration options and FAQs, visit the Consensys blog. Thank you for all the support over the years.
chai - BDD / TDD assertion framework for node.js and the browser that can be paired with any testing framework.